Search code examples
jasper-reportsschedulingjasperserverrole

JasperServer Deny ROLE_USER create and modify scheduling

i need to prevent scheduling reports in JasperServer by normal users, even modify a previous schedule made by ROLE_ADMINISTRATOR. Only can scheduling the ROLE_ADMINISTRATOR.

I've follow this guide http://community.jaspersoft.com/wiki/how-customize-navigation-resource-menu-right-click-resource and this one Control Scheduling in JasperReports Server to prevent use the scheduling action and it only works partially, users can't create a schedule using context menu (right click) but they can modify,eliminate a previous schedule. how? By using a link (clock icon) in list of reports that have a previous schedule.

Anyone knows a solution to prevent this?

Solution

  • I found a solution following this guides: http://community.jaspersoft.com/documentation/jasperreports-server-ultimate-guide/v561/restricting-access-role

    I've used the "Restricting a Section of a JSP File by Role" in the page:

    ".../WEB-INF/jsp/modules/reportScheduling/main.jsp"

    To Restrict the buttons ("Create Schedule", "Run Now" and "Refresh List") to ROLE_USERS, needs to encapsule this code with the tag authz:authorize

    <li class="node open">
    <ul class="list buttonSet">
        <li class="leaf">
            <button class="button capsule text first up scheduleJob">
                <span class="wrap"><spring:message code="report.scheduling.list.button.new"/></span>
                <span class="icon"></span>
            </button>
        </li>
        <li class="leaf">
            <button class="button capsule text last up runJob">
                <span class="wrap"><spring:message code="report.scheduling.list.button.now"/></span>
                <span class="icon"></span>
            </button>
        </li>
    </ul>
</li>   
<li class="node open">
    <ul class="list buttonSet">
        <li class="leaf">
            <button class="button capsule text up refreshList">
                <span class="wrap"><spring:message code="report.scheduling.list.button.refresh"/></span>
                <span class="icon"></span>
            </button>
        </li>
    </ul>
</li>

    This way:

    <authz:authorize ifAllGranted="ROLE_ADMINISTRATOR">
<li class="node open">      
  ...
</li>
</authz:authorize>

    And last, restrict the job's schedule result list:

    <!-- body of jobs list -->
<authz:authorize ifAllGranted="ROLE_ADMINISTRATOR">
        <div id="resultsContainer" class="body">
            <ul id="resultsList" class="list collapsible tabular jobs sixColumn"></ul>
        </div>
</authz:authorize>
<!-- end of body of jobs list -->